The advent of computer networks has proliferated the use of distributed-computing environments. A distributed-computing environment is a type of computing wherein several computer platforms, i.e., different computers, coupled by a network, perform separate but related tasks, (called a process), that are directed in concert toward a single achievement. One example of such a process is the retrieval of all files in a network having the same pattern of letters in the file name. By taking advantage of the computing power of several computers at once, tasks require less time for completion. Use of a processor close to resources to be processed reduces total computing resource requirements.
One method known in the art for practicing a distributed-computing environment is called “remote programming.” In remote programming, a first executing program, called a client process, executing on a first computer system, sends to a second process, called a server process executing on the second computer system, a list of instructions. The instructions are then carried out on the second computer system by the server process, effectuating the goal of the client process. The instructions which the server process is designed to carry out must have some degree of generality, i.e., the instructions must allow some degree of local decision-making with respect to details.
U.S. Pat. No. 6,016,393 to White et al., entitled, “System and Method for Distributed Computation Based upon the Movement, Execution, and Interaction of Processes in a Network”, which is hereby incorporated by reference, disclosed a system that improved upon the concept of remote programming by utilizing processes called mobile agents (sometimes referred to as mobile objects or agent objects). The system described by White et al., provides the ability for an object (the mobile agent object), existing on a first (“host”) computer system, to transplant itself to a second (“remote host”) computer system while preserving its current execution state. The operation of a mobile agent object is described briefly below.
The instructions of the mobile agent object, its preserved execution state, and other objects owned by the mobile agent object are packaged, or “encoded”, to generate a string of data that is configured so that the string of data can be transported by all standard means of communication over a computer network. Once transported to the remote host, the string of data is decoded to generate a computer process, still called the mobile agent object, within the remote host system. The decoded mobile agent object includes those objects encoded as described above and remains in its preserved execution state. The remote host computer system resumes execution of the mobile agent object which is now operating in the remote host environment.
While now operating in the new environment, the instructions of the mobile agent object are executed by the remote host to perform operations of any complexity, including defining, creating, and manipulating data objects and interacting with other remote host computer objects. The operations, often called services, permitted to the mobile agent object are limited by a “permit” according to White et al. A permit limits the particular capabilities of a particular mobile agent object on particular occasions. The permit for a mobile agent object specifies which of several of the services defined for the mobile agent object can or cannot be performed. The permit further limits the amount of processing resources the mobile agent object can consume and the time at which the mobile agent object expires. Additionally, the permit specifies the priority of execution of the mobile agent object relative to other objects.
The permit, however, cannot determine or define the nature of the host-computing environment within which the mobile agent object is executing. That is, before the mobile agent object is able to do anything, it would be beneficial to discover what services are available in a host-computing environment. A mobile agent object unable to discover the services that are available would simply try all services in an effort to determine if the host-computing environment even has the particular service or will allow the mobile agent object access to the service if it does exist. This is wasteful of computing time and power. Thus, a uniform method for service discovery by the mobile agent object within the host-computing environment is desirable.
Furthermore, in addition to using a permit to limit the abilities of a mobile agent object, a uniform method for auditing service usage by the mobile agent object is desirable. In this manner, statistics regarding the host-computing environment can be generated as well as provisions for an audit trail for intrusion detection software.